CVE-2026-57025

Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
09/07/2026
Last modified:
09/07/2026

Description

A Return of Pointer Value Outside of Expected Range vulnerability in the fileio library of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privilged attacker to cause a Denial-of-Service (DoS).<br /> <br /> On EX Series, QFX Series and MX Series a low-privileged attacker issuing a specific &amp;#39;show l2-learning&amp;#39; command will cause an l2ald crash which will lead to a temporary service impact for all layer 2 services until the process has automatically restarted.<br /> <br /> This issue affects EX Series, QFX Series, MX Series:<br /> Junos OS:<br /> <br /> <br /> * all versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S7,<br /> * 24.2 versions before 24.2R2,<br /> * 24.4 versions before 24.4R1-S2.<br /> <br /> <br /> <br /> Junos OS Evolved:<br /> * all versions before 23.2R2-S7-EVO,<br /> * 23.4 versions before 23.4R2-S8-EVO,<br /> * 24.2 versions before 24.2R2-EVO,<br /> * 24.4 versions before 24.4R1-S3-EVO.

References to Advisories, Solutions, and Tools